<?php
session_start();

$col=':';
$dbuser=$_SESSION['dbuser'];
$dbpass=$_SESSION['dbpass'];
$dbport=$_SESSION['dbport'];
$dbhost=$_SESSION['dbhost'];
$dbname=$_SESSION['dbname'];
$showusname=$_SESSION['showusname'];

if ($dbhost=="localhost") {
   $dbhost = "127.0.0.1";
   } 

$dbhostport = $dbhost . $col . $dbport ; 

$con = mysql_connect($dbhostport, $dbuser, $dbpass);
if (!$con)
    {
      $error=mysql_error();
      $_SESSION['error'] = $error;
      
      Header("Location: error.php");
    }
  
mysql_select_db($dbname, $con);

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<HTML xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><HEAD><META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<TITLE>Sam-My - Securich GUI tool - User Accounts</TITLE>

	<STYLE type="text/css" media="all">
	
	body {
		background: #f70;
		font: 0.8em arial, helvetica, sans-serif;
		margin: 0;
		padding: 0;
		height:100%;
        padding-bottom:35px;   /* Height of the footer */
	}
	
	#footer {
        position: absolute;
 	    bottom: 40px;
	    width:100%;
	    height:15px;   /* Height of the footer */
	    color: #fff;
    }
    
	#header {
		background-color: white;
	}
	
    #header ul {
		list-style: none;
		padding: 0;
		margin: 0;
		background: white;
		float: left;
		width: 100%;
		#border-bottom: 0.5em solid #FF5E00; /* orange under the menu*/
    }
    
	#header li {
		float: left;
		margin: 0 1em 0 0;
    }
    
	#header a {
		text-decoration: none;
		display: block;
		width: 6em;
		padding: 0 0.5em;
		font-weight: bold;
		color: black;
		border-bottom: 0.5em solid #fc6;
		color: #fc6;
    }
	
	#header a:hover {
		color: #fa3;
		border-color: #fa3;
	}
	
	#header #selected a {
		color: #f80;
		border-color: #f80;
	}
	
	#content {
        position:absolute;
        top: 85px;
        left:60px;
		clear: both;
		color: white;
		padding: 1em;
	}
	
	#content p {
		margin: 0 0 1em 0;
	}
	
	h1 {
		margin: 0;
		padding: 0.5em 0 1em 0.5em;
		color: #f80;
		font-size: 1.5em;
		font-style: italic;
	}

	</STYLE>
	
</HEAD>
<BODY>

<DIV id="header">

<H1>Sam-My - The GUI frontend for Securich, the security plugin for MySQL</H1>

<UL>
	<LI><A href="welcome.php">Home</A></LI>
	<LI id="selected"><A href="accounts.php">Accounts</A></LI>
	<LI><A href="grant_revoke.php">Privileges</A></LI>
	<LI><A href="configure.php">Config</A></LI>
	<LI><A href="securich.php">Securich</A></LI>
	<LI><A href="help.php">Help</A></LI>
	<LI><A href="logout.php">Log Out</A></LI>
</UL>
</DIV>

<DIV id="content">
<FORM METHOD='post' ACTION='"<?php echo $PHP_SELF;?>"'>
<table>  
  <tr>
    <td colspan="3">
      <br><br><br><b>User Privileges:</b><br><br>
    </td>
  </tr>
  <tr>
    <td width="10px"></td>
    <td></td>
    <td>
    
    <?
    $mysqli = mysqli_init();
    $mysqli->real_connect($dbhost, $dbuser, $dbpass, $dbname, $dbport);
  
    if (mysqli_connect_errno())
    {
      $error=mysql_error();
      $_SESSION['error'] = $error;
      
      Header("Location: error.php");
    }
    
    else
    {
       $str_query = "call securich.show_full_user_entries('" . $showusname . "');";
       
       if($mysqli->multi_query ($str_query))
       { 
                    echo "<div>";
                    echo "<table width='790px'><tr>";
                    echo "<td width='90px' align='left'>USERNAME</td>";                  
                    echo "<td width='130px' align='left'>HOSTNAME</td>";                  
                    echo "<td width='130px' align='left'>DATABASE</td>";                  
                    echo "<td width='200px' align='left'>OBJECT</td>";                  
                    echo "<td width='90px' align='left'>ROLE</td>";                  
                    echo "<td width='120px' align='left'>PRIVILEGE</td>";                  
                    echo "<td width='90px' align='left'>TYPE</td>";                  
                    echo "<td width='60px' align='left'>STATE</td>"; 
                    echo "</tr>";
         do
         {
           if($objResult = $mysqli->store_result())
           {
              while($row = $objResult->fetch_assoc())
              {
                    $username = $row['USERNAME'];
                    $hostname = $row['HOSTNAME'];
                    $databasename = $row['DATABASENAME'];
                    $object = $row['OBJECT'];
                    $role = $row['ROLE'];
                    $privilege = $row['PRIVILEGE'];
                    $type = $row['TYPE'];
                    $state = $row['STATE'];

                    echo "<tr>";
                    echo "<td width='90px' align='left'>" . str_replace (" ", "", $username ) . "</td>";                  
                    echo "<td width='130px' align='left'>" . str_replace (" ", "", $hostname ) . "</td>";                  
                    echo "<td width='130px' align='left'>" . str_replace (" ", "", $databasename ) . "</td>";                  
                    echo "<td width='200px' align='left'>" . str_replace (" ", "", $object ) . "</td>";                  
                    echo "<td width='110px' align='left'>" . str_replace (" ", "", $role ) . "</td>";                  
                    echo "<td width='120px' align='left'>" . str_replace (" ", "", $privilege ) . "</td>";                  
                    echo "<td width='120px' align='left'>" . str_replace (" ", "", $type ) . "</td>";                  
                    echo "<td width='40px' align='left'>" . str_replace (" ", "", $state ) . "</td>";       
                    echo "</tr>";

              }
              
              $objResult->close();
           }
         }
        while ( $mysqli->next_result());
                    echo "</table>";
                    echo "</div>";
        
      }
    }   
    ?>

    <br>
    </td>    
  </tr><br><br>
</table>
</FORM>
</DIV>
 
   <DIV id="footer" align="left">
   <table>
     <tr>
       <td width="23px">&nbsp;</td>
       <td>
         Copyright &copy; Darren Cassar a.k.a. preacher<br />
         Developed by Darren Cassar <?php echo date("Y"); ?> - GPLv2
       </td>
     </tr>
   </table>
   </DIV>

</BODY></HTML>
